Announcement Announcement Module
Collapse
No announcement yet.
struts and spring security-unable to login with correct username and password Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • struts and spring security-unable to login with correct username and password

    I am developing a struts2 + spring + tiles + hibernate + spring security application

    When I go to url /register I am correctly redirected to the login page,
    but on logging in with username and password specified in the bean configuration file,
    I am redirected back to the login page with url "login?error=true" which means that the login was unsuccessful as I have mentioned "authentication-failure-url="/login?error=true""

    I have configured form based login with the following configuration


    //web.xml

    Code:
    <listener>
      	  <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        <context-param> 
            <param-name>contextConfigLocation</param-name> 
            <param-value>
            /WEB-INF/applicationContext.xml
            /WEB-INF/medic-security.xml 
            </param-value> 
        </context-param> 
        
        <filter> 
            <filter-name>springSecurityFilterChain</filter-name> 
            <filter-class> 
                org.springframework.web.filter.DelegatingFilterProxy 
            </filter-class> 
        </filter> 
     
        <filter-mapping> 
            <filter-name>springSecurityFilterChain</filter-name> 
            <url-pattern>/*</url-pattern> 
        </filter-mapping>
      
        <filter>
        <filter-name>struts2</filter-name>
        <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
        </filter>
      
        <filter-mapping>
        <filter-name>struts2</filter-name>
        <url-pattern>/*</url-pattern>
        </filter-mapping>
    //medics-security.xml
    Code:
        <http auto-config="true" access-denied-page="/error">
    	<intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    	<intercept-url pattern="/register*" access="ROLE_USER" />
        <intercept-url pattern="/messagePost*" access="ROLE_USER" /> 
        <intercept-url pattern="/messageDelete*" access="ROLE_ADMIN" /> 
        <form-login login-page="/login" authentication-failure-url="/login?error=true"/> 
        <remember-me/>
        <logout/>
        
        </http> 
    
        <authentication-manager> 
           <authentication-provider> 
              <user-service>
              <user name="admin" password="secret" authorities="ROLE_USER"/>
              </user-service>	
           </authentication-provider> 
        </authentication-manager>
    //login.jsp
    Code:
        <form action="j_spring_security_check">	
            <label for="j_username">Username</label>
    	<input type="text" name="j_username" id="j_username"/><br/>	
            <label for="j_password">Password</label>
    	<input type="password" name="j_password" id="j_password"/><br/>	
            <input type='checkbox' name='_spring_security_remember_me'/> Remember me<br/>	
            <input type="submit" value="Login"/>
    	<input type="reset" value="Reset"/>
        </form>
    //struts.xml
    Code:
        <package name="default" namespace="/" extends="struts-default">
            <action name="login" class="com.medics.action.LoginAction">
            <result name="SUCCESS" type="tiles">login</result>
            </action>
            
            <action name="register" class="com.medics.action.RegisterAction">
            <result name="SUCCESS">/Register.jsp</result>
            </action>
        </package>
    Action classes are doing nothing except returning "SUCCESS"
    Please help me

  • #2
    Enable debug logging and check the output in the log to see what happens. The fact that you end up at the login error page isn't much to go on.

    Comment


    • #3
      How do I enable debug logging

      Comment


      • #4
        Hey I found the solution, You have to use

        <form method="post" action="j_spring_security_check"> in login.jsp

        Its strange that the latest Apress book from which I read, doesn't mention this

        Comment

        Working...
        X